White Box Cryptography

Gemalto is the first to offer White box cryptography as an integral part of its Sentinel portfolio of software licensing solutions

Cryptographic key discovery is one of today’s most prevalent threats in the DRM arena. It is therefore critical to protect those keys to such an extent that repeatable, reproducible and sustainable attacks cannot be easily and consistently generated against these implementations. White box cryptography is believed to be the “silver bullet” to cryptographic key discovery vulnerabilities. It is an important part of a cryptographic key protection strategy, but it is also necessary to protect the secured application in which the keys are used.

The Methodology Behind White Box Cryptography

The white box scenario, in contrast with black and gray box scenarios, handles far more severe threats while assuming hackers have full visibility and control over the whole operation. Hackers can freely observe dynamic code execution (with instantiated cryptographic keys) and internal algorithm details are completely visible and alterable at will. Despite this fully transparent methodology, white box cryptography integrates the cipher in a way that does not reveal the key.

It allows protecting the cryptographic key at all times, rather than breaking it up and revealing it only a piece at a time. From a security perspective, this ensures that the protected key remains hidden from hackers and is therefore not susceptible to reconstruction during a potential attack process.

An Integral Part of Gemalto’s Security Measures

Gemalto is the first to offer white box cryptography as an integral part of its Sentinel portfolio of software licensing solutions. The secure communication channel provided by Gemalto’s Sentinel products ensures that the communication between the protected application and the hardware token is encrypted and cannot be replayed. Unlike the previous implementation, which aimed to hide the encryption key, the new implementation is centered on white box cryptography, where it is assumed that the attacker can trace the protected application and the runtime environment in search of the encryption key.

With this assumption as part of the design, the algorithm and encryption keys are replaced with special vendor-specific API libraries that implement the same encryption but embed the encryption key as part of the algorithm, in a way that ensures that it is never present in memory and therefore cannot be extracted. The generation of the vendor-specific libraries is performed on Gemalto servers utilizing several trade secrets. In addition, each application library is individually generated and obfuscated for a specific software vendor, making a generic hack virtually impossible.
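The idea of folding a key into the algorithm can be illustrated with a toy two-round byte cipher. This is an added example, not Gemalto's implementation or code from the Sentinel products; the S-box, the cipher and every function name are constructed for illustration, and a real white box design covers a full block cipher with far heavier encodings.

```python
import random
import secrets

# Constructed toy S-box (a fixed byte permutation), NOT the AES S-box.
_rng = random.Random(2024)
SBOX = list(range(256))
_rng.shuffle(SBOX)


def reference_encrypt(block: bytes, k1: bytes, k2: bytes) -> bytes:
    """Conventional form: both round keys are live in memory at run time."""
    return bytes(SBOX[SBOX[b ^ a] ^ c] for b, a, c in zip(block, k1, k2))


def build_tables(k1: bytes, k2: bytes):
    """Build step (done once, off the target machine): fold each key byte
    into lookup tables; only the tables are shipped, never the keys."""
    sysrand = secrets.SystemRandom()
    round1, round2 = [], []
    for a, c in zip(k1, k2):
        # Random secret bijection g, applied to the round-1 output and undone
        # inside the round-2 table, so the intermediate state is only ever
        # seen in encoded form.
        g = list(range(256))
        sysrand.shuffle(g)
        g_inv = [0] * 256
        for x, y in enumerate(g):
            g_inv[y] = x
        round1.append([g[SBOX[x ^ a]] for x in range(256)])
        round2.append([SBOX[g_inv[y] ^ c] for y in range(256)])
    return round1, round2


def whitebox_encrypt(block: bytes, tables) -> bytes:
    """Run-time form: table lookups only, no key variable anywhere."""
    round1, round2 = tables
    return bytes(t2[t1[b]] for b, t1, t2 in zip(block, round1, round2))
```

Two builds from the same keys yield different tables with identical input/output behaviour, which mirrors the per-vendor generation described above.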

Beyond White Box Cryptography - A Complete Security Strategy

White box cryptography is an important part of a cryptographic key protection strategy, but it is also necessary to protect the secured application in which the keys are used. To do so robustly and in a performance-efficient manner, several static and dynamic anti-reverse-engineering mechanisms should be employed. Additional protection tools such as obfuscation and enveloping are critical to comprehensive security. Sentinel’s award-winning family of licensing solutions leverages various protection algorithms and mechanisms that keep your software covered on all fronts. It is important to consider the full spectrum of threats to the application and protect it accordingly.

Gemalto is the first and only vendor to offer White box cryptography as an integral part of its Sentinel portfolio of software licensing solutions. This new technology allows protecting the cryptographic key at all times, rather than breaking it up and revealing it only a piece at a time. From a security perspective, this ensures that the protected key remains hidden from hackers and is therefore not susceptible to reconstruction during a potential attack process.


White Box Cryptography White Paper

White Paper - Understanding White Box Cryptography

This paper discusses traditional techniques while focusing on the White box cryptography implementation.
